IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations
navleft navright Research IRM Open Access IRMA Journals IRM Books Proceedings Membership

The IRMA Community

Calls for Papers
Online Symposium
Newsletters

Research IRM

Click a keyword to search titles using our InfoSci-OnDemand powered search:

Assessing the Usefulness of Testing for Validating and Correcting Security Risk Models Based on Two Industrial Case Studies

Assessing the Usefulness of Testing for Validating and Correcting Security Risk Models Based on Two Industrial Case Studies
View Sample PDF
Author(s): Gencer Erdogan (SINTEF ICT, Norway & University of Oslo, Norway), Fredrik Seehusen (SINTEF ICT, Norway), Ketil Stølen (SINTEF ICT, Norway & University of Oslo, Norway), Jon Hofstad (EVRY, Norway)and Jan Øyvind Aagedal (Accurate Equity, Norway)
 Copyright: 2016
 Pages: 22
 Source title: Business Intelligence: Concepts, Methodologies, Tools, and Applications
Source Author(s)/Editor(s): Information Resources Management Association (USA)
 DOI: 10.4018/978-1-4666-9562-7.ch053

Purchase

Abstract

The authors present the results of an evaluation in which the objective was to assess how useful testing is for validating and correcting security risk models. The evaluation is based on two industrial case studies. In the first case study the authors analyzed a multilingual financial Web application, while in the second case study they analyzed a mobile financial application. In both case studies, the testing yielded new information which was not found in the risk assessment phase. In particular, in the first case study, new vulnerabilities were found which resulted in an update of the likelihood values of threat scenarios and risks in the risk model. New vulnerabilities were also identified and added to the risk model in the second case study. These updates led to more accurate risk models, which indicate that the testing was indeed useful for validating and correcting the risk models.

Related Content

Dina Darwish. © 2024. 48 pages.
Dina Darwish. © 2024. 51 pages.
Smrity Prasad, Kashvi Prawal. © 2024. 19 pages.
Jignesh Patil, Sharmila Rathod. © 2024. 17 pages.
Ganesh B. Regulwar, Ashish Mahalle, Raju Pawar, Swati K. Shamkuwar, Priti Roshan Kakde, Swati Tiwari. © 2024. 23 pages.
Pranali Dhawas, Abhishek Dhore, Dhananjay Bhagat, Ritu Dorlikar Pawar, Ashwini Kukade, Kamlesh Kalbande. © 2024. 24 pages.
Pranali Dhawas, Minakshi Ashok Ramteke, Aarti Thakur, Poonam Vijay Polshetwar, Ramadevi Vitthal Salunkhe, Dhananjay Bhagat. © 2024. 26 pages.
IRMA Offers Over 2,500 Full Text Open Access Research Papers for Free Download Click to Start Searching Free IRM Research!

IRMA Sponsors

Sponsor IGI Global

Sponsor eContentPro

Encyclopedia of Information Science and Technology, Fourth Edition
Body Bottom
About Us | Contact | Sitemap | Legal | Policies
Copyright ©2024, Information Resources Management Association. 701 East Chocolate Avenue, Hershey, PA 17033.